Cisco ACI - APIC

Cisco ACI is part one of SDxCentral’s series to explain the Cisco ACI (Application Centric Infrastructure) framework.  Check out Part 2 that detail the Cisco Application Policy Infrastructure Controller or Cisco APIC.  Cisco ACI is the solution that emerged from Cisco, following its acquisition of Insieme, which is a company they funded for more than two years. ACI is seen by many as Cisco’s software-defined networking (SDN) offering for data center and cloud networks.

Cisco ACI is a tightly coupled policy-driven solution that integrates software and hardware. The hardware for Cisco ACI is based on the Cisco Nexus 9000 family of switches. The software and integration points for ACI include a few components, including Additional Data Center Pod, Data Center Policy Engine, and Non-Directly Attached Virtual and Physical Leaf Switches.

While there isn’t an explicit reliance on any specific virtual switch, at this point, policies can only be pushed down to the virtual switches if Cisco’s Application Virtual Switch (AVS) is used, though there has been talk about extending this to Open vSwitch in the near future.

The Cisco Application Policy Infrastructure Controller (Cisco APIC) is the unifying point of automation and management for the Application Centric Infrastructure (ACI) fabric. The Cisco APIC provides centralized access to all fabric information, optimizes the application lifecycle for scale and performance, and supports flexible application provisioning across physical and virtual resources.


Features and Capabilities

  • Centralized application-level policy engine for physical, virtual, and cloud infrastructures
  • Detailed visibility, telemetry, and health scores by application and by tenant
  • Designed around open standards and open APIs
  • Robust implementation of multi-tenant security, quality of service (QoS), and high availability
  • Integration with management systems such as VMware, Microsoft, and OpenStack

Designed for automation, programmability, and centralized management, the Cisco APIC itself exposes northbound APIs through XML and JSON. It provides both a command-line interface (CLI) and GUI which utilize the APIs to manage the fabric holistically.

Cisco APIC provides:

  • A single pane of glass for application-centric network policies
  • Fabric image management and inventory
  • Application, tenant, and topology monitoring
  • Troubleshooting

Cisco APIC is completely removed from the data path. This means the fabric can still forward traffic even when communication with the Cisco APIC is lost.